python: Fix CVE-2014-7185 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Wenzong Fan <wenzong.fan@windriver.com>	2014-11-26 08:22:12 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-11-26 17:01:43 +0000
commit	3dd696e03e66fa98b58a17b7f34ffe4002ddc9c6 (patch)
tree	a6e788ab381c6524f232605f8a981a083732f974 /meta/lib/oe/package_manager.py
parent	0956df1596f899337afb3551db01a59bf1c38856 (diff)
download	openembedded-core-contrib-3dd696e03e66fa98b58a17b7f34ffe4002ddc9c6.tar.gz

python: Fix CVE-2014-7185

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function. This back-ported patch fixes CVE-2014-7185 (From OE-Core rev: 49ceed974e39ab8ac4be410e5caa5e1ef7a646d9) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-devtools/python/python_2.7.3.bb hand merged bb file since I did not take previous patch. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/lib/oe/package_manager.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: